String comparison with "==" may cause unpredictable behaviour
In class org.ow2.isac.plugin.httpinjector.tools.HttpStateUtils (setHttpState() method), we find that kind of comparisons:
String proxyLogin = (String) params.get(ParameterConstants.PROXYUSERNAME);
String proxyPassword = (String) params.get(ParameterConstants.PROXYUSERPASS);
if (proxyLogin != null
&& proxyLogin != ""
&& proxyPassword != null
&& proxyPassword != "") {
[ ... ]
The behaviour is unpredictable, as it depends on how Strings were assigned (and these strings come from outside parameters).
As an example, the following code displays alternately false and true, although the String is always empty:
String s = new String("");
System.out.println(s == ""); // false
s = "";
System.out.println(s == ""); // true
The same behaviour can be expected for proxyLogin / proxyPassword .
Note: It is possible that such issues exist in other parts of the code. This one was detected by SonarQube, here: https://sonarqube.ow2.org/project/issues?id=clif-legacy&issues=AW0GnpEpbu-R5OS59476&open=AW0GnpEpbu-R5OS59476 And SonarQube analysis, although not recent, sees as much as 500+ potential bugs (https://sonarqube.ow2.org/project/issues?id=clif-legacy&resolved=false).